Information Security Policy Awareness Case Study - 275 Words

Information Security Policy Awareness Case Study (Case Study Sample) Content: Significance of the Study 1The significance of this study will be to expand on previous knowledge of information security. The study explores information security policy awareness, enforcement, and maintenance in relation to information security program effectiveness. Understanding this relationship will provide knowledge that may allow practitioners to develop more effective information security programs. As a result, this study will assist in mitigating employee noncompliance and potentially reduce the percentage of breaches encountered by organizations.Moreover, reducing the percentage of breaches will eventually minimize the financial burden of organizations due to information security breaches.The results of this study will add to the body of information on information security. Furthermore, the findings should contribute further information on the relationship between information security policy awareness, enforcement, maintenance and information security progra m effectiveness. This added information will provide scholars and practitioners with a profound understanding of the effects that information security policy awareness, enforcement, and maintenance have on information security program effectiveness. The study is especially relevant in the mitigation of employee noncompliance to information security policy because data gathered is from the employees perspective. Therefore, it addresses the relationships between IVs and DVs from the employees point of view. With employees being the weakest link in security programs, this study may provide information that can enhance information security program effectiveness (Knapp Ferrante, 2012).Significance of the Study 2Information security can be achieved through empirical investigation on the implementation of effective organizational Information security program (Hagen, et al.: Herath and Rao). Effective information security program improves information security (Jolmston Hale. 2009). by mai ntaining integrity. confidentiality, and availability, while providing appropriate and consistent information, achieving adequate organizational goals. Effective information security program. utilizes resources efficiently, and implements effective internal control measures that provide reasonable assurance that available control objectives are effective enough to thwart, detect, prevent or correct any threats in a timely manner (Vlsanoiu. Serban, 2010).Information system of today faces more potential security infringement than ever before. The regular susceptibility of data to breaches is a function of systems users disinclination to follow appropriate security measures (Lomo-David. et al. 2011). Mitigating the effect of security breaches requires a strong Information Security Management (ISM) (Ma Sclmiidt Pearson 2009). Many researchers agree that protecting information systems is necessary for an organization to maintain information availability. reliability, and confidentialit y; however, literature on the actions that would best meet IS challenges in developing countries are inadequate.Lack of effective IS program in developing countries is the reason for IS vulnerabilities (Abu-Musa 2010), particularly in Nigerian private and public organizations. .Many businesses are at risk due to emerging security threats, and there are few literatures that address IS program effectiveness. An available literature on IS program effectiveness found that organizations IS policy is a critical document that must address security issues and eventually encourage IS effectiveness (...